Modifying my website to allow anonymous comments

Question

I write the code for my own website as an educational/fun exercise. Right now part of the website is a blog (like every other site out there :-/) which supports the usual basic blog features, including commenting on posts. But I only have comments enabled for logged-in users; I want to alter the code to allow anonymous comments - that is, I want to allow people to post comments without first creating a user account on my site, although there will still be some sort of authentication involved to prevent spam.

Question: what information should I save for anonymous comments? I'm thinking at least display name and email address (for displaying a Gravatar), and probably website URL because I eventually want to accept OpenID as well, but would anything else make sense?

Other question: how should I modify the database to store this information? The schema I have for the comment table is currently

comment_id       smallint(5)       // The unique comment ID
post_id          smallint(5)       // The ID of the post the comment was made on
user_id          smallint(5)       // The ID of the user account who made the comment
comment_subject  varchar(128)
comment_date     timestamp
comment_text     text

Should I add additional fields for name, email address, etc. to the comment table? (seems like a bad idea) Create a new "anonymous users" table? (and if so, how to keep anonymous user ids from conflicting with regular user ids) Or create fake user accounts for anonymous users in my existing users table?

Part of what's making this tricky is that if someone tries to post an anonymous comment using an email address (or OpenID) that's already associated with an account on my site, I'd like to catch that and prompt them to log in.

Answer 1

The whole point of anonymous comments is that users don't have to login, right?

My personal taste is to not force the user to enter anything, not even their name! The only requried field is the comment text itself. If they don't want to give out their name or email, fine, who cares?

If they provide an email that already exists, there's a chance that they registered a looong time ago and don't even remember their password.

Again, don't force the user to login in that case. Just give them a choice to either login or leave email field blank (or change its content). Or, just show a warning box telling them that the comment will be sent without the email address, with "ok" and "cancel" options.

So, what to store with the anonymous comment?

I'd say store their name and email (of course, don't display their email to the public), but make them optional fields, not mandatory.

You can also store their website, although I personally don't know what's the point of that, other than maybe self-advertising for the anonymous poster!

Answer 2

No question, you enter the "username" on the comment table. And you copy the value in your user table to that field for logged in users. This way if a user is deleted, their comments still have a name attached to them. Comments are usually hierarchical making it difficult to just delete one in the middle of a comment tree.

If they leave it blank, you enter your "anonymous_user" text in the table.